AliCloud Security Server Guard

One of the security product offers free-of-charge by AliCloud is Server Guard. Server Guard is a host-based intrusion detection system (HIDS) that monitors and analyzes the internals system of an ECS instance.

First thing first, Alibaba CLoud should really need to improve their UI. When I access to the Server Guard (YunDun) console, part of the description is displayed in Chinese, despite I am on the English console.

Screenshoot of abnormal login shown that my SSH session to the server with root. (This is a bad practise!)

Lastly, you can setup notification for Remote login, Brute-force attack and Protection Against Backdoors.

Server Security Server Guard is a good feature and should enable by default for an ECS instance. However, Ali Cloud team need to work on to provide better user interface and offer more security features.